Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/68870f73-41d7-4114-b21d-e74d286b934d/226511b2cd13e6b85b952c0bc4bd37c24ecfbdee.roa
File:                     226511b2cd13e6b85b952c0bc4bd37c24ecfbdee.roa (raw, json)
Hash identifier:          JkF6RpxDbdZOjZXUWtnwBicrcdmXYJjKSYjD34Uo9VM=
Subject key identifier:   43:ED:44:23:CE:A9:76:EF:5E:A5:4E:7D:B0:2B:3D:9A:5D:6B:D1:DF
Certificate issuer:       /CN=19d34285ba628172d8175ee1905c3b599e21efd6
Certificate serial:       0496
Authority key identifier: E0:3B:40:48:08:BC:04:2F:ED:50:56:A9:62:2F:E4:75:3E:28:8F:AC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/19d34285ba628172d8175ee1905c3b599e21efd6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/68870f73-41d7-4114-b21d-e74d286b934d/226511b2cd13e6b85b952c0bc4bd37c24ecfbdee.roa
Signing time:             Tue 05 Apr 2022 18:22:16 +0000
ROA not before:           Tue 05 Apr 2022 03:00:00 +0000
ROA not after:            Fri 05 Apr 2024 03:00:00 +0000
asID:                     6507
IP address blocks:        138.0.12.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/68870f73-41d7-4114-b21d-e74d286b934d/19d34285ba628172d8175ee1905c3b599e21efd6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/68870f73-41d7-4114-b21d-e74d286b934d/19d34285ba628172d8175ee1905c3b599e21efd6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/19d34285ba628172d8175ee1905c3b599e21efd6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 01 Apr 2024 05:58:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1174 (0x496)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19d34285ba628172d8175ee1905c3b599e21efd6
        Validity
            Not Before: Apr  5 03:00:00 2022 GMT
            Not After : Apr  5 03:00:00 2024 GMT
        Subject: CN=226511b2cd13e6b85b952c0bc4bd37c24ecfbdee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:66:46:28:fc:14:fd:37:16:20:4b:36:ef:10:
                    bc:6c:05:46:06:65:4c:34:56:a3:e9:80:e9:6b:1a:
                    44:28:e4:6e:a4:9e:2f:c5:7e:95:cc:48:17:0c:2c:
                    6a:ac:83:fa:57:d8:f6:1d:34:38:27:3d:81:f9:09:
                    fb:af:fb:b3:1c:ac:d7:6a:a5:b2:9a:24:d0:17:9d:
                    c9:23:0a:ee:01:ad:ff:b3:54:eb:91:c4:c6:b0:f9:
                    d9:4f:c2:f8:e5:ba:87:b1:a3:a1:d1:30:9b:fb:d9:
                    2d:1f:cf:27:53:d7:b8:3e:e9:f2:04:5c:3d:42:44:
                    71:25:8b:ca:ef:a1:4d:58:e0:e4:d2:98:42:eb:fb:
                    7b:c6:0b:75:78:a5:23:5d:8d:cd:60:05:4a:bb:df:
                    3a:0f:55:e1:96:73:84:e2:9e:96:78:4e:11:eb:a2:
                    44:e6:6e:6d:30:8a:fb:d0:6a:cc:45:35:63:34:1f:
                    2a:5c:88:81:77:1e:34:bb:f5:ae:86:3d:b5:61:50:
                    c3:f8:64:dc:b2:ae:ce:8e:a2:4d:f0:0b:2e:76:fa:
                    c1:25:c3:0a:67:66:ed:c7:15:32:6f:e1:51:6a:e0:
                    96:c8:25:ca:00:fa:d8:8d:27:71:5c:45:fd:6d:e9:
                    8a:90:22:12:8b:1a:f9:1d:bc:e0:1e:12:0d:2f:65:
                    30:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:ED:44:23:CE:A9:76:EF:5E:A5:4E:7D:B0:2B:3D:9A:5D:6B:D1:DF
            X509v3 Authority Key Identifier:
                keyid:E0:3B:40:48:08:BC:04:2F:ED:50:56:A9:62:2F:E4:75:3E:28:8F:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/19d34285ba628172d8175ee1905c3b599e21efd6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/68870f73-41d7-4114-b21d-e74d286b934d/226511b2cd13e6b85b952c0bc4bd37c24ecfbdee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/68870f73-41d7-4114-b21d-e74d286b934d/19d34285ba628172d8175ee1905c3b599e21efd6.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.0.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:55:a5:e1:ad:0b:9c:ca:04:00:44:a8:9f:f3:62:9b:3d:b6:
         64:30:5d:3f:da:29:0b:9f:3e:9e:c5:78:0a:6d:f4:60:8d:7a:
         e9:be:21:aa:b7:e9:2d:be:ba:98:09:2e:96:39:a9:9e:17:ec:
         ce:cd:b6:c8:43:f0:b5:d9:f1:e6:89:25:8b:5a:c5:91:e1:c6:
         9e:fc:a5:ff:cd:56:e6:8a:0b:d2:9d:31:cb:38:41:3a:7e:44:
         27:3a:9a:79:fb:fe:44:07:70:53:62:e5:40:82:6d:ff:27:66:
         5f:e8:c7:e0:e1:36:a5:a3:13:8f:93:c2:d3:77:3d:60:ce:a5:
         49:4c:b5:83:41:6a:bb:85:6b:ed:f3:6c:ac:31:91:c8:04:19:
         29:99:d6:60:23:e1:ef:14:92:5a:66:65:17:2c:25:a1:43:ca:
         1b:2e:af:a8:b6:07:31:c8:30:da:e7:b6:df:91:62:0e:18:0a:
         7b:7a:1f:af:44:8f:1b:50:7d:18:31:3b:3b:b3:19:18:1b:89:
         0b:c6:35:84:d2:0e:de:10:81:73:93:7a:a2:4a:c7:48:3a:00:
         00:70:7c:56:31:f2:d2:88:f8:68:a3:39:83:2f:18:db:35:10:
         25:2e:11:d4:52:82:a1:65:78:9b:dc:82:07:f2:9c:75:89:6b:
         db:11:1b:ca
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICBJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTlk
MzQyODViYTYyODE3MmQ4MTc1ZWUxOTA1YzNiNTk5ZTIxZWZkNjAeFw0yMjA0MDUw
MzAwMDBaFw0yNDA0MDUwMzAwMDBaMDMxMTAvBgNVBAMTKDIyNjUxMWIyY2QxM2U2
Yjg1Yjk1MmMwYmM0YmQzN2MyNGVjZmJkZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLZkYo/BT9NxYgSzbvELxsBUYGZUw0VqPpgOlrGkQo5G6kni/F
fpXMSBcMLGqsg/pX2PYdNDgnPYH5Cfuv+7McrNdqpbKaJNAXnckjCu4Brf+zVOuR
xMaw+dlPwvjluoexo6HRMJv72S0fzydT17g+6fIEXD1CRHEli8rvoU1Y4OTSmELr
+3vGC3V4pSNdjc1gBUq73zoPVeGWc4TinpZ4ThHrokTmbm0wivvQasxFNWM0Hypc
iIF3HjS79a6GPbVhUMP4ZNyyrs6Ook3wCy52+sElwwpnZu3HFTJv4VFq4JbIJcoA
+tiNJ3FcRf1t6YqQIhKLGvkdvOAeEg0vZTADAgMBAAGjggJbMIICVzAdBgNVHQ4E
FgQUQ+1EI86pdu9epU59sCs9ml1r0d8wHwYDVR0jBBgwFoAU4DtASAi8BC/tUFap
Yi/kdT4oj6wwDgYDVR0PAQH/BAQDAgeAMIGaBggrBgEFBQcBAQSBjTCBijCBhwYI
KwYBBQUHMAKGe3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jwa2kvbGFj
bmljLzQ4ZjA4M2JiLWY2MDMtNDg5My05OTkwLTAyODRjMDRjZWI4NS8xOWQzNDI4
NWJhNjI4MTcyZDgxNzVlZTE5MDVjM2I1OTllMjFlZmQ2LmNlcjCBmgYIKwYBBQUH
AQsEgY0wgYowgYcGCCsGAQUFBzALhntyc3luYzovL3JlcG9zaXRvcnkubGFjbmlj
Lm5ldC9ycGtpL2xhY25pYy82ODg3MGY3My00MWQ3LTQxMTQtYjIxZC1lNzRkMjg2
YjkzNGQvMjI2NTExYjJjZDEzZTZiODViOTUyYzBiYzRiZDM3YzI0ZWNmYmRlZS5y
b2EwgY8GA1UdHwSBhzCBhDCBgaB/oH2Ge3JzeW5jOi8vcmVwb3NpdG9yeS5sYWNu
aWMubmV0L3Jwa2kvbGFjbmljLzY4ODcwZjczLTQxZDctNDExNC1iMjFkLWU3NGQy
ODZiOTM0ZC8xOWQzNDI4NWJhNjI4MTcyZDgxNzVlZTE5MDVjM2I1OTllMjFlZmQ2
LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQCigAMMA0GCSqGSIb3DQEBCwUAA4IBAQCAVaXhrQucygQARKif
82KbPbZkMF0/2ikLnz6exXgKbfRgjXrpviGqt+ktvrqYCS6WOameF+zOzbbIQ/C1
2fHmiSWLWsWR4cae/KX/zVbmigvSnTHLOEE6fkQnOpp5+/5EB3BTYuVAgm3/J2Zf
6Mfg4TaloxOPk8LTdz1gzqVJTLWDQWq7hWvt82ysMZHIBBkpmdZgI+HvFJJaZmUX
LCWhQ8obLq+otgcxyDDa57bfkWIOGAp7eh+vRI8bUH0YMTs7sxkYG4kLxjWE0g7e
EIFzk3qiSsdIOgAAcHxWMfLSiPhoozmDLxjbNRAlLhHUUoKhZXib3IIH8px1iWvb
ERvK
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:00:45 2024 by rpki-client on console-fra.rpki-client.org